Container Images #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Container Images | |
# | |
# This workflow builds all container images on every PR and Push that modifies | |
# relevant paths. It verifies that the images can be built successfully, and | |
# then possibly runs tests to verify their correct behavior. | |
# | |
# If triggered by the deploy-hooks, the built images will be pushed out to | |
# the configured registries. | |
# | |
name: "Container Images" | |
on: | |
pull_request: | |
paths: | |
- ".github/workflows/containers.yml" | |
- "lib/containers/**" | |
push: | |
branches-ignore: ["pr/**"] | |
tags: ["**"] | |
paths: | |
- ".github/workflows/containers.yml" | |
- "lib/containers/**" | |
workflow_dispatch: | |
inputs: | |
target: | |
description: "Container Target" | |
required: true | |
default: "all-images" | |
defaults: | |
run: | |
shell: "bash" | |
working-directory: "./lib/containers" | |
jobs: | |
# | |
# Configure Jobs | |
# | |
# This job prepares parameters for the further builds. Amongst other things, | |
# it list all targets and provides this output as JSON array to other | |
# jobs. This allows us to dynamically react to additions to the image list | |
# and create new jobs for each image. | |
# | |
# Note that we have to split image builds across jobs since the individual | |
# CI runners do not have enough disk capacity to build all images. | |
# | |
config: | |
name: "Job Configuration" | |
runs-on: ubuntu-latest | |
outputs: | |
deploy: ${{ steps.parameters.outputs.deploy }} | |
images: ${{ steps.parameters.outputs.images }} | |
now: ${{ steps.parameters.outputs.now }} | |
steps: | |
- name: "Clone Repository" | |
uses: actions/checkout@v3 | |
- name: "Determine Build Parameters" | |
id: parameters | |
env: | |
CTX_GITHUB_EVENT_NAME: ${{ github.event_name }} | |
CTX_GITHUB_EVENT_INPUTS_TARGET: ${{ github.event.inputs.target }} | |
IMG_DEPLOY: no | |
IMG_TARGET: all-images | |
run: | | |
if [[ "${CTX_GITHUB_EVENT_NAME}" = "workflow_dispatch" ]] ; then | |
IMG_DEPLOY="yes" | |
IMG_TARGET=${CTX_GITHUB_EVENT_INPUTS_TARGET} | |
fi | |
echo "deploy=${IMG_DEPLOY}" >>$GITHUB_OUTPUT | |
echo "images=$(docker buildx bake --print "${IMG_TARGET}" | jq -ce ".target | keys")" >>$GITHUB_OUTPUT | |
echo "now=$(date -u '+%Y%m%d%H%M')" >>$GITHUB_OUTPUT | |
- name: "Print Parameters" | |
env: | |
CTX_STEPS_PARAMETERS_OUTPUTS_DEPLOY: ${{ steps.parameters.outputs.deploy }} | |
CTX_STEPS_PARAMETERS_OUTPUTS_IMAGES: ${{ steps.parameters.outputs.images }} | |
CTX_STEPS_PARAMETERS_OUTPUTS_NOW: ${{ steps.parameters.outputs.now }} | |
run: | | |
echo "Deploy: ${CTX_STEPS_PARAMETERS_OUTPUTS_DEPLOY}" | |
echo "Images:" | |
echo "${CTX_STEPS_PARAMETERS_OUTPUTS_IMAGES}" | jq . | |
echo "End of Images" | |
echo "Now: ${CTX_STEPS_PARAMETERS_OUTPUTS_NOW}" | |
# | |
# Build/Test Images | |
# | |
# This job is run for each image-target. It builds the image locally and then | |
# runs configured tests (if any). | |
# | |
ci: | |
name: "Image Build/Test" | |
runs-on: ubuntu-latest | |
needs: config | |
permissions: | |
packages: write | |
strategy: | |
fail-fast: false | |
matrix: | |
image: ${{ fromJson(needs.config.outputs.images) }} | |
env: | |
CAB_UNIQUEID: ${{ needs.config.outputs.now }} | |
steps: | |
- name: "Clone Repository" | |
uses: actions/checkout@v3 | |
- name: "Prepare QEMU Emulators" | |
uses: docker/setup-qemu-action@v2 | |
- name: "Prepare Docker Buildx" | |
id: buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: "Build Image" | |
env: | |
IMG_TARGET: ${{ matrix.image }} | |
run: docker buildx bake --load "${IMG_TARGET}" | |
- name: "Authenticate to GHCR" | |
if: ${{ needs.config.outputs.deploy == 'yes' }} | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: "Deploy Image" | |
if: ${{ needs.config.outputs.deploy == 'yes' }} | |
env: | |
IMG_TARGET: ${{ matrix.image }} | |
run: | | |
docker buildx bake --print "${IMG_TARGET}" | \ | |
jq -cer '.target[].tags[] | select(test("^ghcr.io"))' | \ | |
xargs -L1 -- docker push |